Security AssessmentsData Breach Threat Analysis

Our Data Breach Threat Analysis addresses concerns related to Advanced Threats and Advanced Evasion Techniques.


Today’s cyber attacks are more stealthy and malicious than ever before and are programmed to remain unnoticed for as long as possible until an opportune time in the future to inflict damage. Although signs of the intrusion likely exist, many of today’s sophisticated data breaches are undiscovered for months.

Sixty-one percent of companies that experienced a data breach were notified by a third party that it had occurred, according to a recent U.S. Secret Service data breach report. In addition, 86 percent of data breach victims had evidence of the breach on their network before it was detected by them or a third party.

Malware and Unpatched Systems

Many computer security breaches occur today because of the time lag between discovery of a vulnerability and installation of security patches. Simply stated: traditional anti-virus/anti-malware vendors continue to lag behind online criminals when it comes to detecting and protecting against new and quickly evolving Internet threats. Add this time lag to the patching schedules of diligent IT administrators, you have approximately a three month vulnerability window through which malware can be injected into the network. However, the vulnerability window is extended many more months and sometimes years when systems remain unpatched. The data extracted from conducting hundreds of network vulnerability assessments on networks shows that the number one vulnerability found is unpatched systems.

Video: Data Breach Threat Analysis

Data Breach Threat Analysis Approach

To respond to this growing threat Sword & Shield adds Data Breach Threat Analysis (DBTA) to our traditional Network Vulnerability Assessment and Penetration Testing (NVA/PT) to assess the 86 percent of data breach victims who do not know they have been breached. DBTA proactively identifies:

  • The types of attacks that companies are experiencing,
  • The origin of the attacks, and determines if there is evidence of an existing threat in the form of malware and viruses.

By leveraging our extensive Incident Response experience and methodology the Data Breach Threat Analysis methodology takes a “snapshot in time” to:

  • Profile real time attacks being perpetrated against the network,
  • Determine the origin (IP address and country of origin) of the attacks,
  • Determine the likely intent of the attacker,
  • Detect malware and viruses that may have already been introduced and remains undetected,
  • Determine insecure applications and vulnerabilities that may be otherwise unknown, and
  • Determine whether a system breach has occurred through a known vulnerability or an unknown vulnerability (0-day). The data sources captured in the snapshot will contain forensic evidence of the existence of the vulnerability and or attack.

Security Assessments

Your organization’s reputation is one of its most valuable assets. Sword & Shield’s comprehensive suite of Security Assessments can expose your hidden risks and vulnerabilities and help you develop a plan to reduce your risks and prepare for attacks targeting your valuable data.

Find Out More

Datasheet Download

security-testing-datasheet

Expose Your Hidden Risks and Vulnerabilities

Request a Free Consultation for our Security Assessment services.

Featured Additional Security Assessment Services

Sword & Shield provides a wide variety of security assessment related services for our clients. The following list provides an overview of some of the most common services we perform. For more details about these services or other services we perform, contact us today.

Database Security

Our engineers are experienced in auditing Oracle, Microsoft SQL, Notes, and several other database management system products. Among other things, Sword & Shield security engineers analyze authentication and authorization controls in the database system for least-privilege access controls and audit traceability. Emphasis is placed on matching the degree of security with the business and operational needs.

Firewall Audit

A Sword & Shield Firewall/Router Audit thoroughly evaluates the rule base for known security risks and policy violations. As a first line of defense against attacks, firewalls and routers must be implemented and maintained properly. Our Firewall/Router Audit provides a detailed analysis that reduces risks and increases perimeter security.

Mobile Applications Assessment

Our Mobile Application Assessment, when combined with our Web Application Assessment, provides a comprehensive assessment of the security of the web application and the mobile devices used to interact with the application. The service analyzes the network transmissions and forensically analyzes the mobile device(s) used.


Phone Sweep

Sword & Shield performs a sweep of the telephone address space to detect unauthorized modems and authorized but insecure modems. We can perform a phone sweep as a stand-alone service, or as part of another service, such as an external network vulnerability/penetration test.

Security Architecture Review

The Architecture Review and Design process is coordinated through a client project manager and includes a set of structured interviews. These interviews and reviews focus on business areas supported by the network and the technology staff that supports the business units.

Virtual Infrastructure Assessment

this service provides the customer with the analysis necessary to protect all facets of a virtualized infrastructure. Included are areas related to access control, the application of least privilege, data protection, secure network configuration, disaster recovery planning and testing, and threat analysis. The goal of the assessment is to identify security gaps and develop remediation strategies.

VPN Audit

The VPN Audit service audits your VPN and your VPN policies and recommends techniques to optimize and enhance your VPN’s effectiveness. We identify potential security vulnerabilities and help you reduce your risks.

Website Security Consulting

Web application security encompasses measures taken throughout the application’s life cycle to prevent exceptions in the security policy of an application or the underlying system vulnerabilities through flaws in the design, development, deployment, upgrade, or maintenance of the application.

Wireless Security

Sword & Shield Wireless Testing examines the subsystems, components and security mechanisms of a wireless network and identifies any weaknesses.